Last week, a sweeping hack took down dozens of websites including Spotify, Twitter
TWTR, +0.05%
, Pinterest, Reddit, and Paypal
PYPL, +0.10%
— and if you own a smart device, it is possible you unwittingly contributed to it.

The outage was caused by a distributed denial of service (DDoS) attack in which hackers flood a recipient with web traffic to slow or shut it down —in this case, the servers of internet infrastructure company Dyn, which caters to a variety of major web companies. The DDoS attack was reportedly carried out through millions of hacked connected devices like web cameras and smart fridges, seemingly innocuous items which are often poorly secured and easily compromised. At the National Cyber Security Alliance (NCSA) and Nasdaq Cybersecurity Summit on Monday, several security experts spoke about the incident and whether it will be a turning point that drives government regulators, tech companies, and consumers to prioritize privacy in our increasingly connected world.

Consumers are becoming increasingly literate in security, according to a recent survey conducted by IT security company ESET in collaboration with the NCSA. It found 88% of respondents were aware of hacking vulnerabilities in connected devices and 50% said these concerns have discouraged them from buying similar products. ESET chief executive Andrew Lee said this growing understanding of these frailties could drive companies to place more importance on security until concrete regulations are enforced.

“Very often regulation lags practice by many years, but I think the onus should be on people being more aware and choosing technology that has better security,” he said. “That could ultimately be a selling point for devices — if they are proven to be more secure.”

K3: Robo-mall cop

(0:32)

A security robot designed to be the advanced eyes and ears for security guards takes the stage at WSJDLive.

This includes third-party security certification and other measures to show customers their data is in good hands. He said companies should also make it easier for consumers to implement security measures built into existing products, like giving each customer a custom default password. Often devices come with a default username and password combination that hackers can easily guess or find online. One 2014 study from Avast found that 79% of home internet networks were at risk of hacking due to poor privacy practices like easily guessable or default passwords on routers. This was the case with Chinese company Hangzhou Xiongma, whose web cameras played a major role in last week’s hack and have since been recalled.

Privacy-related recalls could become more frequent as connected devices become more intimate. A hack of a smart lamp or connected refrigerator may seem frivolous, but when it’s an insulin pump or a pacemaker that is compromised, attacks can be lethal and make action more necessary. “In a sense maybe there is a turning point for certain manufacturers to say, OK we need to do something about this,” Lee said. “That is going to cost them a huge amount — any time you have to do a recall it causes losses in reputational damage as well. That reputational damage is something that will start to affect change in the manufacturer.”

Innovation to thwart major attacks can come from the manufacturers of these devices themselves, but also the companies that make up the internet’s infrastructure. Anthony Grieco, senior director of security and trust organization at Cisco
CSCO, +0.37%
said internet companies need to build in more security by design, and that measures are becoming increasingly smart — for example, being able to determine if a device is sending out a disproportionate amount of traffic to a server that might indicate it is hacked. “In the end, it’s a multilayered approach,” he said. “There is no one magic thing a Cisco router could do for the internet to solve the DDoS problem.”

Internal analysis in the next few weeks will be crucial in whether the aftermath of Friday’s hack will push companies towards better security, said Ohio-based video game cybersecurity expert Matthew Cook.

“It is going to take a number of events like this where it starts to become a profit motive for all the companies involved in this where they say, ‘we can’t ignore this any longer,’” he said. “Companies need to realize that they should invest in security, not just because it is the right thing to do — and it is — but because it is the more profitable thing to do as well.”

Mortgage Rates

Powered by

This advertisement is provided by Bankrate, which compiles rate data from more than 4,800 financial institutions. Bankrate is paid by financial institutions whenever users click on display advertisements or on rate table listings enhanced with features like logos, navigation links, and toll free numbers. Dow Jones receives a share of these revenues when users click on a paid placement.

Intraday Data provided by SIX Financial Information and subject to terms of use.
Historical and current end-of-day data provided by SIX Financial Information. Intraday data
delayed per exchange requirements. S&P/Dow Jones Indices (SM) from Dow Jones & Company, Inc.
All quotes are in local exchange time. Real time last sale data provided by NASDAQ. More
information on NASDAQ traded symbols and their current financial status. Intraday
data delayed 15 minutes for Nasdaq, and 20 minutes for other exchanges. S&P/Dow Jones Indices (SM)
from Dow Jones & Company, Inc. SEHK intraday data is provided by SIX Financial Information and is
at least 60-minutes delayed. All quotes are in local exchange time.